Russian airline Aeroflot has exposed to the public internet the internal blueprints for its website, aeroflot.ru, The Register has learned.
Specifically, the biz has left a Docker registry server open to all the world to see: if asked nicely, with no authentication, it will cough up compressed archives of the confidential …

To segue from my previous comment: have there been any successful attacks against Aeroflot during the years the code has been exposed? I mean, other than the nation-state cyber attack against their VPN?

Re: English

Re: English

If you build your website on the cheap then you're getting a template with a different colour scheme, not a unique specially built website. Add to that poor security and i think we have our reason of how this happened.

I am at a loss, here ... does this mean that OpenBSD, FreeBSD, Linux kernel, tar, nc, and many other pieces of software are a risk ? I mean, ok, here, somebody can run a copycat website on, say www.aerofloat.ru and potentially trick ppl into given away their hard earned cash ... but anything can siphon the website looks ... I fail to grasp ... of course, they might find sqlinjection points and with a database flavor it is easier to mount an attack ... but still ... meh